9a7b159bfba13975e0db89249ebf1e5b

General

Target

9a7b159bfba13975e0db89249ebf1e5b
Size

187KB
MD5

9a7b159bfba13975e0db89249ebf1e5b
SHA1

e935f36f0c9dde48ea833eb3d3cd23ca9991836c
SHA256

28e0288d7aa6d9c4455bfe53a220dbbfb61193740c801ff4ee08ef462541859b
SHA512

76f771f4074d7cac69aeed6ca2d4148bc3d96111f13f7a9cc43aa2573863b2d96643ddd884830a2ee4e8f97e327100a8ea849759228ab7eb8b7b2b8be45a77e7
SSDEEP

3072:wxHIWROE36gQb6kDmpooRPmoWzQVtHtHqTpEVL2gqBWBhliPf1aanfm5t1xfUoDh:igE3J46A0BIMtHtKVGE4BuoQMH8cmXwR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a7b159bfba13975e0db89249ebf1e5b

Files

9a7b159bfba13975e0db89249ebf1e5b
.exe windows:4 windows x86 arch:x86

1bae77b2ad414d23f503155609c1427f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

InitializeCriticalSection
GlobalHandle
TlsFree
lstrlenA
GlobalFindAtomW
RaiseException
GetTickCount
GlobalAlloc
InterlockedDecrement
GetComputerNameW
TlsSetValue
InterlockedExchange
LocalAlloc
GetOEMCP
FlushInstructionCache
GetCurrentProcess
FormatMessageW
TlsGetValue
CreateFileW
WaitForSingleObject
CloseHandle
TlsAlloc
HeapSetInformation
EnumResourceNamesA
GlobalUnlock
GetLocaleInfoW
GetStringTypeA
SetLastError
lstrcmpW
GetCurrentThreadId
GlobalLock
SetLastError
LeaveCriticalSection
lstrlenW
MulDiv
DeleteCriticalSection
InterlockedIncrement
EnterCriticalSection
MultiByteToWideChar
GlobalFree
SetUnhandledExceptionFilter
WideCharToMultiByte

shlwapi

StrRetToStrA
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 94KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bae77b2ad414d23f503155609c1427f

Headers

File Characteristics

Imports

kernel32

shlwapi

rpcrt4

Sections

.text Size: 94KB - Virtual size: 233KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 90KB - Virtual size: 90KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 233KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 90KB - Virtual size: 90KB

.rsrc
Size: 512B - Virtual size: 4KB